My idea is for you to have to input a modified version of your password, with the modifications being randomly selected and the instructions given on a garbled image (similar to the verification codes often used for registering accounts).
For example, they could include a doubled password ("Generic PassWord" turns into "Generic PassWordGeneric PassWord"), reverse capitalization ("gENERIC pASSwORD"), double characters ("GGeenneerriicc PPaassWWoorrdd"), or any combination ("ggEENNEERRIICC ppAASSwwOORRDD").
This would all but prevent your password from being guessed by a person or brute-forced, and could even nullify key-logging sometimes.

Restrictions on passwords: "We're sorry, you've used that password before, choose another." I was nearly whipped to a Luddite frenzy by that one.

My problem with the idea presented is that it depends on alphanumeric input with caps optional. I feel that super-secure intranets may benefit from additional security, but that other users would just as much benefit from occasionally deleting their password files and re-establishing everything fresh.